Skip to content

Commit

Permalink
Implement option to configure secret environment variables for RF exe…
Browse files Browse the repository at this point in the history
…cutions

Specific use case: CryptoLibrary for encrypting login data. 

CMK-19115
  • Loading branch information
jherbel committed Nov 25, 2024
1 parent 10db206 commit 7c0d855
Show file tree
Hide file tree
Showing 7 changed files with 89 additions and 3 deletions.
2 changes: 2 additions & 0 deletions examples/termination/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ fn system_main() -> AnyhowResult<()> {
"--variable".into(),
format!("RESOURCE:{resource_file}"),
],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Complete,
};
let token = CancellationToken::new();
Expand Down Expand Up @@ -100,6 +101,7 @@ fn rcc_main(rcc_binary_path: Utf8PathBuf) -> AnyhowResult<()> {
"--variable".into(),
format!("RESOURCE:{resource_file}"),
],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Complete,
};
let rcc_environment = Environment::Rcc(RCCEnvironment {
Expand Down
7 changes: 7 additions & 0 deletions src/bin/scheduler/internal_config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,9 @@ pub fn from_external_config(
.map(|f| plan_source_dir.join(f))
.collect(),
exit_on_failure: plan_config.robot_config.exit_on_failure,
secret_environment_variables: plan_config
.robot_config
.secret_environment_variables,
},
plan_config.execution_config.n_attempts_max,
plan_config.execution_config.retry_strategy,
Expand Down Expand Up @@ -200,6 +203,7 @@ mod tests {
variable_files: vec![],
argument_files: vec!["args.txt".into(), "more_args.txt".into()],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down Expand Up @@ -235,6 +239,7 @@ mod tests {
variable_files: vec!["vars.txt".into()],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down Expand Up @@ -317,6 +322,7 @@ mod tests {
"--variablefile".into(),
"/synthetic_tests/rcc/vars.txt".into()
],
secret_env_vars: vec![],
n_attempts_max: 1,
retry_strategy: RetryStrategy::Complete,
}
Expand Down Expand Up @@ -378,6 +384,7 @@ mod tests {
"--argumentfile".into(),
"/synthetic_tests/system/more_args.txt".into()
],
secret_env_vars: vec![],
n_attempts_max: 1,
retry_strategy: RetryStrategy::Incremental,
}
Expand Down
7 changes: 7 additions & 0 deletions src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ pub struct RobotConfig {
pub variable_files: Vec<Utf8PathBuf>,
pub argument_files: Vec<Utf8PathBuf>,
pub exit_on_failure: bool,
pub secret_environment_variables: Vec<RobotFrameworkSecretEnvVar>,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Serialize)]
Expand All @@ -86,6 +87,12 @@ pub struct RobotFrameworkVariable {
pub value: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Serialize)]
pub struct RobotFrameworkSecretEnvVar {
pub name: String,
pub value: String,
}

#[derive(Clone, Debug, Deserialize, PartialEq, Serialize)]
pub struct ExecutionConfig {
pub n_attempts_max: usize,
Expand Down
69 changes: 66 additions & 3 deletions src/rf/robot.rs
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ pub const PYTHON_EXECUTABLE: &str = "python";
pub struct Robot {
pub robot_target: Utf8PathBuf,
pub command_line_args: Vec<String>,
pub secret_env_vars: Vec<(String, String)>,
pub n_attempts_max: usize,
pub retry_strategy: RetryStrategy,
}
Expand All @@ -28,6 +29,11 @@ impl Robot {
) -> Self {
Self {
robot_target: robot_config.robot_target.clone(),
secret_env_vars: robot_config
.secret_environment_variables
.iter()
.map(|var| (var.name.clone(), var.value.clone()))
.collect(),
command_line_args: Self::config_to_command_line_args(robot_config),
n_attempts_max,
retry_strategy,
Expand Down Expand Up @@ -74,6 +80,9 @@ impl Robot {
.add_argument("--report")
.add_argument("NONE")
.add_argument(&self.robot_target);
for (k, v) in &self.secret_env_vars {
command_spec.add_secret_env(k, v);
}
command_spec
}

Expand Down Expand Up @@ -121,10 +130,10 @@ impl Robot {
#[cfg(test)]
mod tests {
use super::*;
use crate::config::RobotFrameworkVariable;
use crate::config::{RobotFrameworkSecretEnvVar, RobotFrameworkVariable};

#[test]
fn test_command_line_args_empty() {
fn test_new_command_line_args_empty() {
assert!(Robot::new(
RobotConfig {
robot_target: "/suite/tasks.robot".into(),
Expand All @@ -137,6 +146,7 @@ mod tests {
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![]
},
1,
RetryStrategy::Incremental
Expand All @@ -146,7 +156,7 @@ mod tests {
}

#[test]
fn test_command_line_args_non_empty() {
fn test_new_command_line_args_non_empty() {
assert_eq!(
Robot::new(
RobotConfig {
Expand Down Expand Up @@ -175,6 +185,7 @@ mod tests {
"/suite/argfile2.txt".into()
],
exit_on_failure: true,
secret_environment_variables: vec![],
},
1,
RetryStrategy::Incremental
Expand Down Expand Up @@ -216,6 +227,34 @@ mod tests {
);
}

#[test]
fn test_new_secret_env_vars() {
assert_eq!(
Robot::new(
RobotConfig {
robot_target: "/suite/tasks.robot".into(),
top_level_suite_name: None,
suites: vec![],
tests: vec![],
test_tags_include: vec![],
test_tags_exclude: vec![],
variables: vec![],
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![RobotFrameworkSecretEnvVar {
name: "NAME".into(),
value: "value".into()
}]
},
1,
RetryStrategy::Incremental
)
.secret_env_vars,
vec![("NAME".into(), "value".into())]
);
}

#[test]
fn create_complete_command_spec() {
// Assemble
Expand All @@ -228,6 +267,7 @@ mod tests {
"--variable".into(),
"k:v".into(),
],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Complete,
};
let output_directory =
Expand Down Expand Up @@ -267,6 +307,7 @@ mod tests {
"top_suite".into(),
"--exitonfailure".into(),
],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Incremental,
};
let output_directory =
Expand Down Expand Up @@ -301,6 +342,7 @@ mod tests {
robot_target: "~/calculator_test/calculator.robot".into(),
n_attempts_max: 2,
command_line_args: vec![],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Incremental,
};
let output_directory =
Expand All @@ -327,13 +369,34 @@ mod tests {
assert_eq!(command_spec, expected)
}

#[test]
fn create_command_secret_env_vars() {
assert_eq!(
Robot {
robot_target: "~/calculator_test/calculator.robot".into(),
n_attempts_max: 1,
command_line_args: vec![],
secret_env_vars: vec![("NAME".into(), "value".into())],
retry_strategy: RetryStrategy::Complete,
}
.command_spec(
&Utf8PathBuf::default(),
&Utf8PathBuf::default().join("out.xml"),
1
)
.secret_envs,
vec![("NAME".into(), "value".into())]
)
}

#[test]
fn create_two_attempts() {
// Assemble
let robot = Robot {
robot_target: "~/calculator_test/calculator.robot".into(),
n_attempts_max: 2,
command_line_args: vec![],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Incremental,
};
let output_directory =
Expand Down
1 change: 1 addition & 0 deletions tests/test_ht_import_scheduler.rs
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,7 @@ fn create_config(test_dir: &Utf8Path, suite_dir: &Utf8Path, rcc_config: RCCConfi
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down
2 changes: 2 additions & 0 deletions tests/test_plan_run.rs
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ fn test_rebot_run() -> AnyhowResult<()> {
robot_target: "tests/minimal_suite/tasks.robot".into(),
n_attempts_max: 1,
command_line_args: vec![],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Complete,
};
let (attempt_reports, rebot) = run_attempts_with_rebot(
Expand Down Expand Up @@ -45,6 +46,7 @@ fn test_timeout_process() -> AnyhowResult<()> {
robot_target: "tests/timeout/tasks.robot".into(),
n_attempts_max: 1,
command_line_args: vec!["--variable".into(), format!("RESOURCE:{resource}")],
secret_env_vars: vec![],
retry_strategy: RetryStrategy::Complete,
};
let (attempt_reports, rebot) = run_attempts_with_rebot(
Expand Down
4 changes: 4 additions & 0 deletions tests/test_scheduler.rs
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ fn create_config(
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down Expand Up @@ -216,6 +217,7 @@ fn create_config(
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down Expand Up @@ -259,6 +261,7 @@ fn create_config(
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down Expand Up @@ -310,6 +313,7 @@ fn create_config(
variable_files: vec![],
argument_files: vec![],
exit_on_failure: false,
secret_environment_variables: vec![],
},
execution_config: ExecutionConfig {
n_attempts_max: 1,
Expand Down

0 comments on commit 7c0d855

Please sign in to comment.